All of the physical interfaces are located on a 192.168.1.1/24 network with the first address being the default gateway/DNS server.
VM network config
And I haven’t played around with the firewall. I was following this tutorial
But the host doesn’t set up any port forwarding there at least. I would like to access the webGUI of that VM on a separate desktop. Any ideas or good hints?
Sorry to ask this, but I didn’t really find an answer where it should lead? Assuming I am using a totally different address space compared to the actual LAN for the bridge stuff (172.16.x.x) compared to 192.168.1.x.
where is the router that will be handling 172.16.x.x traffic? usually it will be something like 172.16.1.254. someone should know what it is, if this is a home lab then you would have had to have enabled the router on that network. Just like how 192.168.1.1 is the router for the 192 space.
also if you are using multiple networks you should use VLANS. i actually have 192.168.1.x networks as well as 10.x.x.x networks all in my proxmox. my host does not show the other networks as i assign the virtual nic of the VM to separate networks when needed.
NOTE: if i lost you at some point, we need to back up and discuss what your goal is.
In short, my intention for the 172.16.x.x network is to be the Server internal NAT network, in the bridged network.
I have the CCNA ITN degree, but I haven’t done this kinda stuff. I don’t currently have vlans set up.
In short, this is the question/goal
Set up a network connection to the VM in such a way, that it can access the LAN-network for updates, and also receive and respond to service requests from the LAN.
The 172.16.x.x network is only “inside” the proxmox (my thought was to easily identify the different devices). But that might not make sense. So there isn’t a router in there, but I would like to be bridged to the LAN-network.
Does this sound doable, or should I consider going with a different subnet using the 192.168.x.x address space? The physical nics have addresses in the LAN-network (my home network).
Sorry, I might have missed something, don’t hesitate to ask…
even if you set all of this stuff up static, and all the VMs use 172 and can all talk to each other, you will need some sort of router somewhere to move traffic from 172 ‘out’.
opt 1. if your current router that is 192.168.1.1 supports it, add another network to it and use it as the 172 gateway also. (it will probably be open even if it supports it, so both networks will have full access to each other and the internet)
opt 2. build a VM with 2 nics and a firewall distro like untangle, openwrt, etc, do routing from one network to the other there.
opt 3. use a physical device and a separate nic on the host to get traffic to the physical device that is the router. could be an old pc with 2 nics, whatever.
opt 4. move all traffic to 192 and your gateway will be 192.168.1.1 (i would still recommend cleaning up the bridge)
in short, routers move traffic from one network to another. switches carry traffic to the router.
NOTE: it is possible to NAT inside of proxmox, you will want to look up a guide and see if that is a task that you are capable of. for a home lab it is fine, i just prefer to use a router as a router and a VM host as a VM host.
eno1 needs to be on but this physical interface does not need a gateway, or even an IP address as the bridge will handle that.
eno2 leave on and leave an IP and Gateway and you can use it as a management interface if you want
set vmbr0 with an IP and a Gateway and your virtual machines will traverse this to get to the network. (you only NEED the gateway, this interface does not need an IP address if you are using eno2 for management, but you can leave it as it won’t hurt.)
linux is not windows, just because an interface is on, does not mean it needs an IP to do something.
do NOT set a bridge IP to the same as a nic IP, if you are assigning IPs at all to these things.
on MY screenshot, the 10gb NIC has no IP, but is set to on. the Bridge IP is used for management, the bridge gateway carries the VM traffic. all of my enoX devices are passed into VMs for specific reasons.
I attach the virtual machines VirtIO nics to the vmbr1 interface.
The important thing here is that you do NOT assign IP addresses to the physical nics directly, you attach them to a virtual bridge and then give that bridge an IP. My setup just takes it a step further to set up an HA failover method (should one NIC die).
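
A small checker for the two rules given in the replies above (a NIC used as a bridge port carries no IP of its own, and a bridge never shares an IP with a NIC), as an added example that is not part of any post in this thread. It assumes the ifupdown-style `/etc/network/interfaces` format that Proxmox uses; the sample config, interface names and addresses are constructed.

```python
# Constructed sample in ifupdown format; names and addresses are illustrative.
SAMPLE = """\
iface eno1 inet static
    address 192.168.1.10/24

iface eno2 inet static
    address 192.168.1.11/24
    gateway 192.168.1.1

auto vmbr0
iface vmbr0 inet static
    address 192.168.1.10/24
    gateway 192.168.1.1
    bridge-ports eno1
"""

def parse_stanzas(text):
    """Return {interface: {option: value}} for every 'iface' stanza."""
    stanzas, current = {}, None
    for raw in text.splitlines():
        line = raw.strip().replace("\t", " ")
        if not line or line.startswith("#"):
            continue
        key, _, value = line.partition(" ")
        if key == "iface":
            current = stanzas.setdefault(value.split()[0], {})
        elif key in ("auto", "allow-hotplug", "source", "source-directory"):
            current = None  # these lines end the previous stanza
        elif current is not None:
            # older configs write bridge_ports, newer ones bridge-ports
            current[key.replace("_", "-")] = value.strip()
    return stanzas

def audit(text):
    """Flag bridge ports that carry their own IP, and IPs assigned twice."""
    stanzas, findings, seen = parse_stanzas(text), [], {}
    for name, opts in stanzas.items():
        for port in opts.get("bridge-ports", "").split():
            if "address" in stanzas.get(port, {}):
                findings.append(f"{port}: port of {name} but has its own address")
    for name, opts in stanzas.items():
        ip = opts.get("address", "").split("/")[0]
        if not ip:
            continue
        if ip in seen:
            findings.append(f"{name}: address {ip} duplicates {seen[ip]}")
        seen.setdefault(ip, name)
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)) or "no findings")
```

Run it against a copy of the host's interfaces file before reloading the network, so a misassigned address is caught while the management interface is still reachable.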